Securing WordPress Plugins from Attacker’s Perspective
Securing WordPress Plugins from Attacker’s Perspective. Useful tips to bear in mind. As always, it seems to come down to:
- Never trust user input. Ever.
- Check permissions.
- Validate where a request has come from.